package com.cancer.biz.auth.reaml;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import com.cancer.biz.auth.entity.User;
import com.cancer.biz.auth.entity.query.UserQuery;
import com.cancer.biz.auth.mapper.UserDao;


/**
 * @Company GeekPlus
 * @TypeName GeekReaml
 * @Description 本系统中自定义的reaml类
 * @Project permission
 * @since 1.0.0
 * @Author guojianxia
 * @Date 2016年1月7日 下午3:33:33
 */
public class GeekReaml extends AuthorizingRealm {
	
	private final static Logger logger = LoggerFactory.getLogger(GeekReaml.class); 

	@Autowired
	private UserDao userDao;

	/** 
	 * 认证
	 */
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		// 把用户名密码令牌
		UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
		String username = usernamePasswordToken.getUsername();
		// 根据用户名查询用户
		UserQuery userQuery = new UserQuery();
		userQuery.createCriteria().andUsernameEqualTo(username);
		List<User> list = new ArrayList<>();
		try {
			list = userDao.selectByExample(userQuery);
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		// 用户存在
		if (list != null && list.size() > 0) {
			User user = list.get(0);
			// 把此用户对应的数据库中密码拿出来
			String password = user.getPassword();
			// 交给安全管理器处理——>比对
			SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, this.getClass().getName());
			return info;
		} else {// 用户不存在
			return null;
		}
	}

	/**
	 * 授权
	 */
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//		try {
//			User user = (User) principalCollection.getPrimaryPrincipal();
//			List<Permission> list = new ArrayList<Permission>();
//			if (user.getUsername().equals("admin")) {
//				PermissionQuery query = new PermissionQuery();
//				list = permissionDao.selectByExample(query);
//			} else {
//				// 根据用户的id查询出用户对应的角色ids
//				List<Integer> ids = userDao.queryRoleIdsByUserId(user.getId());
//				// 角色id不为空再查权限
//				if (ids != null && ids.size() > 0) {
//					for (Integer id : ids) {
//						List<Integer> perids = roleDao.queryPermissionIdsByRoleId(id);
//						if (perids != null && perids.size() > 0) {
//							PermissionQuery query = new PermissionQuery();
//							query.createCriteria().andIdIn(perids);
//							list.addAll(permissionDao.selectByExample(query));
//						}
//					}
//				}
//			}
//			// 为用户授权
//			for (Permission permission : list) {
//				info.addStringPermission(permission.getCode());
//			}
//		} catch (Exception e) {
//			logger.error("为用户授权发生异常，异常信息为：{}",e.toString());
//		}
		return info;
	}

}
